Category: APIs

Oracle is adding a secret recipe to all their Cloud Services with a nice touch of Machine Learning. This makes it possible to have the new series of “Autonomous” Cloud Services that are self-driving, self-healing and self-securing. Stay tuned, because we are going to keep listening a lot about them.

In this blog I am going to show you how to provision an Autonomous API Platform environment and then provision and register an API Gateway, running on a separate Oracle Linux VM on IaaS.

API Request – is the endpoint to which users or applications send requests for your API.

Service Request – is the URL at which your back-end service receives requests.

In this blog we are going to discuss what are the additional configuration we need to done inside API Platform Gateway Server while invoking a HTTPS Service Request URL.

Since, its HTTPS URL obviously there is associated SSL cert with that URL which is signed by Certificate Authority.

Recently, I have been doing one POC where I was invoking a Service Request HTTPS URL but it was not working and later found out it’s because of associated SSL certificate was not configured in Weblogic JKS Keystore.

Before, I get into detailed solution, let me tell you bit more about problem. At very initial stage when I tried creating an API which is in-turn calling an HTTPS service request, it was failing while invoking that service from rest POSTMAN tool and was getting “Internal Server error” as per below snap.

Is Troubleshooting Important for you ? I hope, the answer is Yes. If that’s the case for you then first thing we need to know where to look for the detailed error message when something going wrong e.g. Gateway server not pooling API configuration from Management tier, while Invoking API end user getting “Internal Server Error”, “Resource not found” etc etc. There could be many types of error but often its hard to find out root cause of exact error.

Recently, I have created an API which was further calling and HTTPS endpoint. While, invoking that API I was getting error “Internal server error”, However, there was nowhere I could easily locate the details error about this problem. I had looked Managed server.log, ManagedServer.out, APICS EDR file and many other files but couldn’t find useful error message related to my error. Later, I found one log file “default.log” which helped me to get root cause of my error. Hence, I decided to compile a list of all logs files, their location and bit of description, so that next time when I hit the some issue, it could be much easier for me to find out root cause by looking relevant log file. This blogs definitely helps to reader as well if they got stuck with API Gateway Error.

Note: The path given in my explanation could be different than your environment but I hope you can very well workout your environment path after looking my sample PATH which I have mentioned in this blog. My base location of installation was “/u01/apics”, the rest PATH should be same in your environment.

Also, before enabling debug/trace severity make sure it’s impact on file size because some of the files start getting thousand of lines of logs once you enabled the debug/trace log severity.

So, here is my comprehensive logs files list, their location and bit of description which you won’t find in Oracle APICS documentation.

Much has been written on RedThunder.blog about the Oracle API Platform Cloud Service. In this blog, I am going to get into the advanced topic of Custom Policies. You would start exploring this area when the built-in policies do not cover your use case. The power and ease of implementing Custom Policies, I believe, is a killer value proposition of this platform.

Before we proceed, it would helpful to understand the backend technology of what the API Platform is built on. API Platform built-on the heritage of the sturdy and scalable WebLogic server.

There are 3 components:

Management Portal – Used to create and manage APIs. This is an application hosted in WebLogic server, utilising WebLogic for clustering and scaling. Oracle hosts and manages this in our Public Cloud and automates the whole installation process, so you just have a make a few clicks to provision it. The Management Portal is the brains of the API Platform, registering Gateways and deploying and publishing APIs to the Gateways and Developer Portal. You can access all its functions through REST API.

Gateway Node – Holds the run-time of the API. This is based on the Oracle Communications Service Gatekeeper (OCSG) from our telco-grade suite of products. Built-on WebLogic, the Gateway Nodes can be installed on any platform on-premise or in the Cloud (e.g. Amazon, Azure, Oracle). It is packaged as a zip file downloaded from the Management Portal itself. Once installed, the Gateway calls home to the Management Server to register itself. It pulls APIs and the policies associated with it from the Cloud once they are deployed. Gateways forms a logical cluster for HA purposes, so you deploy once and the APIs propagate to all the nodes in the cluster.

The Gateway Install zip also hosts the necessary code nuggets for customisation.

Developer Portal – Used for developers to review documentation and subscribe to APIs. Also an application, this is by default hosted in the same WebLogic Server as the Management Portal. If you wish to run another Developer Portal, let’s say on-premise or customise it, you can extract the Developer Portal war from the Gateway Server install zip and host it in another WebLogic server.

Now coming to Custom Policies, they are essentially Java-code packaged as war files. The Gateway Install zip holds the code nuggets necessary to generate a Policy Stub. It also holds the necessary libraries aka Policy SDK (matching the version of the Gateway server) to compile against.

Much has been written on the design of ideal REST APIs, from Roy Fielding’s original description of HATEOAS interfaces, to much more practical approaches mirroring APIs rolled out by large technology companies. When working alone, I have a lot of freedom in how I design and build my APIs, and I always strive to design APIs which I would love to consume, based upon a number of undocumented, but strongly-held design intuitions. Collections are plurals; sub-objects are used sparingly, and mostly for practical considerations like payload size; HTTP status codes are used appropriately for particular types of errors and responses; etc.

When I work as part of a larger team, I often find that we end up building interfaces with slight inconsistencies, even if the design of them was based upon some documented high-level design principles. These inconsistencies impact the productivity of both internal and external developers which have to use these APIs, as they have to carefully parse the documentation to develop around the ‘quirks’ of the individual APIs.

Ironing out these inconsistencies can be achieved in a couple of ways, adopting a waterfall-style development model, in which each team is required to submit their detailed design specifications to an architecture council for review and sign-off; or putting a system in place which checks new API designs for consistency, and provides real-time feedback to API designers as they sketch out the interface. Oddly enough, the approach that I am going to discuss in this blog post is not the former; instead we are going to explore the Style Guide capabilities offered by Apiary.io, which allows us to develop rules governing API styles, which are assessed in real-time during API design.

Hi, just thought to post the solution for this error, when I hit this error, searched all over internet couldn’t find any specific blog describing possible cause of getting this error while invoking an API.

Let me give some background. I have created an API using Oracle API Platform Management Portal and when I tried invoking that API using google postman tool I was getting below error –

This was a silly mistake but worth highlighting. When we create API definition in API Management portal there is tab page “API Implementation” which has configuration field “API Request” where we need to define the API endpoint URL where consumer of this API will send input request. While I was declaring that portion I have given this URL “api/medrec”.

Blogroll

RedThunder.blog and contributors. All Rights Reserved. The views expressed in this blog are our own and do not necessarily reflect the views of Oracle Corporation. All content is provided on an ‘as is’ basis, without warranties or conditions of any kind, either express or implied, including, without limitation, any warranties or conditions of title, non-infringement, merchantability, or fitness for a particular purpose. You are solely responsible for determining the appropriateness of using or redistributing and assume any risks.

Follow Blog via Email

Enter your email address to follow this blog and receive notifications of new posts by email.